projects / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b5a57b1) | patch
chown-recursive: let's rework the recursive logic to use O_PATH
authorLennart Poettering <lennart@poettering.net>
Fri, 19 Oct 2018 09:26:59 +0000 (11:26 +0200)
committerMichael Biebl <biebl@debian.org>
Sun, 28 Oct 2018 12:02:18 +0000 (12:02 +0000)
commit41548bdb2066b38d1d1722d2bd25ea47aaf803fd
tree86d0efba4e8f99a130065842b09b589a9bdc03c5tree | snapshot
parentb5a57b154da930c1741faa5a270924915b92d998commit | diff
chown-recursive: let's rework the recursive logic to use O_PATH

That way we can pin a specific inode and analyze it and manipulate it
without it being swapped out beneath our hands.

Fixes a vulnerability originally found by Jann Horn from Google.

CVE-2018-15687
LP: #1796692
https://bugzilla.redhat.com/show_bug.cgi?id=1639076

(cherry picked from commit 5de6cce58b3e8b79239b6e83653459d91af6e57c)

Gbp-Pq: Name chown-recursive-let-s-rework-the-recursive-logic-to-use-O.patch
src/core/chown-recursive.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.